Dear all I use apache httpd as wildlfy's backend proxy server to redirect http request to https request, when i add CsrfPreventionRequestCycleListener to my application , it showd error message:
[org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener] (default task-48) Possible CSRF attack, request URL: http:// etalking.chc.edu.tw/agency/index, Origin: https://etalking.chc.edu.tw, action: aborted with error 400 Origin does not correspond to request How can i conquer this? -------------------------------------------------------------------- -----------------------------------> To boldly go where no man has gone before. -------------------------------------------------------------------- -----------------------------------> We do this not because it is easy. We do this because it is hard. ----------------------------------------------------------------- --------------------------------------> If I have seen further it is by standing on the shoulders of giants. ---------------------------------------------------------- ---------------------------------------------> [email protected] --------------------------------------------------------------------------------------------->
